X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:message-id:date:from:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=rcTc3XSxzRgxXNt5 kSZadVrzFeQquTPkJrHQ5rhHY2VpP6SbTgvhPsfXMVNl8bERl4o91M6uF3Klb6aF JvT8dYzrnfQCEnXIr9Jfxk/oirOcad85ame6B4mNcqzIMBXj+hjp1qjgh4EB39nd NyYshkY92CLfu9q5izpVA3F6ZkM= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:message-id:date:from:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; s=default; bh=XOYuFDfroHgSWScgTjjevr gU35E=; b=o33f6M8vxKHVINMUp/bdcYUKywmkbOaKUuyA5sbw8QOLi2Lbu+M2pi jbunHLODH/OOxpvTNCReZca1JefYgZN6En3VNtl98OWuit4thUmWEq3JjF6x6Wbe A/PHJE4B/HPpNK07nzvzGJc/55EA1HMoOJ4TwFpxi2o/pf1UQWjpI= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: Ishtar.hs.tlinx.org Message-ID: <56043BA4.7040405@tlinx.org> Date: Thu, 24 Sep 2015 11:06:28 -0700 From: Linda Walsh User-Agent: Thunderbird MIME-Version: 1.0 To: Greg Freemyer CC: "cygwin AT cygwin DOT com" Subject: Re: cygwin potentially corrupting permissions? References: <560366EE DOT 5020207 AT tlinx DOT org> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes Greg Freemyer wrote: > Linda, > I saved your script as "lsacl.txt". Then I used "cp lsacl.txt it" to > make a copy. > > The copy is permission denied for reading. Basic ls -l shows no > difference (as expected) > > $ ls -l lsacl.sh it > ----rwx---+ 1 gaf None 1630 Sep 24 12:05 it > ----rwx---+ 1 gaf None 1630 Sep 24 12:00 lsacl.sh > > But your script does show a difference: > > $ ./lsacl.sh lsacl.sh it > [u::---,g::---,g:root:rwx,g:Authenticated > Users:rwx,g:SYSTEM:rwx,g:Users:r-x,m:rwx,o:---/] lsacl.sh > [u::---,g::r-x,g:root:rwx,g:Authenticated > Users:rwx,g:SYSTEM:rwx,g:Users:r-x,m:rwx,o:---/] it --- Well user 'gaf' (that's you, from the file perms has no access). So up front, you are denied before anything happens. lsacl is the embedded acl (the '+') at the end of the file perms u::--- = user seen by 'ls -l' has no access, g::--- = group seen by 'ls -l has no access g:root:rwx = group root has read/write/execute access g:Authenticated Users:rwx == group consisting of Authenticated Users... (after you login or provide credentials). m:rwx m = a maximum allowed privs 'mask' for user/groups other than owner, but since all bits are turned on, it has no limiting effect o:--- = other has no access So the main take-away is that since your 'user' has no access, pretty much everything else is ignored. From the mode-bits+acl, amost anyone in the groups: root, Authenticated Users,SYSTEM, or Users, ***except** User 'gaf' (you) should have access... you might try 1) chmod u+rwx file ... then look at both mode+acl... if you have no access and acl still says u::---, then nuke the acl or modify it with "setfacl" (setfacl --help)... > > We seem to travel the same mailing lists. This is my first time to cygwin's. > ---- Yeah... I wondered about that -- my Tbird tried to change my reply addr to suse(at)tlinx based on you being the 1st address I typed in... ;-) -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple